On the 7th of December, The Redwood Eye Center in California had notified 16000 clients about something very troubling. In the letter they patched to everyone, they had said that the personal information of all of these people was now compromised because their subcontractor had suffered a ransomware attack.
The Redwood Eye Center had learned much earlier that their third-party vendor – IT Lighthouse, had suffered a ransomware attack and removal strategies had been deployed. This subcontractor held vital medical record databases for The Redwood Eye Center and they had been locked out of their server. A server which contained 16,055 records of past customer – which included medical treatment information, health insurance information, dates of birth, addresses and the names of these patients.
The official notification had originally been sent to the California Attorney General’s office, but then had to be issued to all the people who were directly affected by the incident. Ransomware removal strategies that have been adopted include the third party contractor and Redwood contracting with a digital forensic firm and medical software vendor. This had to be done in order to root out the cause of the attack and to naturally regain access to all the encrypted data.
Redwood, however, went on to highlight that they do not believe that any of their past customer’s information had been exfiltrated. This is because the attack was termed as a simple ransomware one and a direct data breach was not identified.
To make their customers feel safe and to reaffirm their trust Redwood ended their letter saying, “We are taking steps to change our medical record hosting vendor and enhance the security of our patient information”. Well, we believe Redwood and also realize now that absolutely no kind of business is safe from cyberattacks and ransomware removal strategies are an absolute necessity for everyone.
